The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun solaris 9.0 |
||
sun solaris 8.0 |
||
sun sunos 5.8 |